CVE-2023-36263 Information

Description

Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection. OpartlimitquantityAlertlimitModuleFrontController::displayAjaxPushAlertMessage()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.

Reference

https://security.friendsofpresta.org/modules/2023/10/25/opartlimitquantity.html